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Ensured Access To Static Objects Inside a Dynamic Token MemozY 

1. BACKGROUND OF THE INVENTION 

1.1 FIELD OF THE INVENTION 

The present invention relates to electronic data carrier file 
systems. In particular, the present invention relates to file 
systems for small hand held data carriers, particularly for 
SmartCards, i.e., chipcards having an own processor means. 

1.2 DESCRIPTION AND DISADVANTAGES OF PRIOR ART 

A new area of technology with increasing importance is 
represented by the increasing use and acceptance of chipcards and 
their applications for many different purposes. 

Such applications need the ability to store data on media so that 
they can be retrieved at a later point in time. Under normal 
circumstances they use the file interface provided by the 
operating system on which the application is running. The 
operating system makes use of file systems to store the data on 
hardware and to keep the data consistent. 

Chipcards have only limited computing resources. Even up-to-date 
chipcard design is limited in flexibility or user comfort by the 
constraint to implement either a static or a dynamic file system. 
Both of them have their particular disadvantages. 

As to static file systems static data objects can be accessed 
with simple access routines providedable by the card itself under 
the constraint that the chipcard applications have to store the 
objects in a known structure in a specific data file with a known 
id. But the storing of objects in fixed structures in a defined 
file on a chipcard is not flexible enough for most of 
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applications/ and it consumes too much space on the space-limited 
smart card. Further, said static files are not flexible enough in 
space management and are not easily created after issue of the 
card because the card issuer may restrict file manipulation with 
access rights for security reasons. 

Further, in multi-application chipcards the memory location of 
data which could be needed for all application like Personal 
Identification Numbers (PIN) or other security-relevant data must 
be known to all applications which is difficult to manage. 

ThuS/ for a flexible management of data objects on a card, 
basically, a dynamic file system is needed, but this does not 
guarantee fixed adresses for a particular, specific object which 
is desirable from a different point of view: 

When objects on the smart card are managed dynamically in a 
dynamic file system an area, i.e., a file on a smart card can be 
defined as a dynamic storage. But the management of the data 
objects is performed through access routines running outside of 
the smart card in the pc, because the chipcard' s ressources lack 
performance to do that by itself efficiently. 

Most of the chipcard applications accessing said dynamic objects 
use the host PC's dynamic access routines to increase flexibility 
of chipcard file system management. 

For some applications or devices, however, it is not possible to 
use these access routines, because of limited space available for 
their program code. Examples are boot routines running before the 
PC's operating system is started, or handheld devices with 
strongly limited resources, like for example a pocket reader for 
chipcards . 

1.3 OBJECTS OF THE INVENTION 

Thus, it is an objective of the present invention to combine the 
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advantages of both, the dynamic and the static file systems on a 
chipcard- 



2, SUMMARY AND ADVANTAGES OF THE INVENTION 



These objects of the invention are achieved by the features 
stated in enclosed independent claims. Further advantageous 
arrangements and embodiments of the invention are set forth in 
the respective subclaims* 

According to the present invention, static data objects are 
managed in a dynamic file system. A kind of embedment takes place 
in which one or more static objects are embedded in the dynamic 
file system within a file. The static objects are excluded from 
management actions performed on the dynamic file system. 

Said static embedded objects are proposed to have a fixed memory 
address inside the dynamic file system and cannot be moved to a 
different location by the dynamic file management functions, e.g. 
for free space management, def ragmentation purposes* 

By this approach said static data objects can be accessed by easy 
command sequences without any complex file management functions 
as it was mentioned above, for example by boot routines. 



On the other hand, said static data objects can also be accessed 
by the file management functions of the dynamic file system. No 
additional static files are neccessary on the card to hold said 
static data objects. 



Advantageously, security-relevant data can be stored in said 
static objects the access of which is then ensured by primitive 
access routines just indicating a fixed address and a maximum 
size for said object. 



This feature can also be applied advantageously for multi- 
application chipcards in order to manage just one single set of 
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User identification or authentication set instead of a separate 
set for each application. This increases the user comfort because 
a user needs not remember a lot of PINs, passwords, user names, 
etc. 

Further, the term ^embedding' does not necessarily comprise that 
the inner part is surrounded from both sides by the ^bed' . The 
start or the end positions od the overall storage area are thus 
comprised therof, i.e. This is a semi-embedment. 

Finally, the invent ional approach can also be inverted: The 
inventional combination of static and dynamic file systems can 
also be achieved by embedding a dynamic file system in a static 
file system. 

3. BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention is illustrated by way of example only and 
is not limited by the shape of the figures of the accompanying 
drawings in which: 

Fig. 1 is a schematic representation illustrating the placement 
of two static objects embedded in a dynamic file system, and 

Fig. 2 is a schematic representation illustrating the placement 
of one static object embedded in a dynamic file system which 
changes the dynamic objects over time. 

4. DESCRIPTION OF THE PREFERRED EMBODIMENT 

With general reference to the figures and with special reference 
now to Fig. 1 one dynamic file 1 which forms part of a file 
system 12 having a plurality of files and a prior art directory 
structure has several data objects 1,..5. Objects 1 and 2 are 
static, whereas objects 3, 4 and 5 are dynamic objects. As can be 
seen from the drawing the static objects are embedded within said 
file of said file system. The dynamic objects are shown to be 



managed on the same hierarchy level as it is done with the static 
ones . 

Fig. 2 shows three different situations occurring in the course 
of time, time increasing in y-direction to top. The x-direction 
indicates the address scale, a linear scale which orders the 
storage locations of the total storage area of the file 1 from 
fig. 1. 

By different actions exerted on the dynamic file system this is 
changed over time which is illustrated by the moving file 1 
covering different ranges of the address space. In the bottom 
situation the dynamic file starts with an address Al, in the 
middle situation with A2, and in the top situation with A3. In 
said middle situation, additionally two memory leaks 24 are 
depicted in order to show that the system should be defragmented, 
which was done as can be seen in the top situation ♦ As can be 
seen from the drawing for said start addresses holds: A2 < Al < 
A3 . The size of the dynamic file is illustrated to increase 
slightly, as well. As reveals from the drawing, however, the 
static object 22 is not changed at all. It keeps its start 
address depicted as A-fix, and keeps its size, even if the 
content of the object might has been changed in the course of 
time • 

So, assxoming security-relevant data to be stored in said static 
object 22 of the file system of a chipcard, said data can be 
easily read for example by a pocket reader for verifying said 
data, before the host operating system is booted. It is 
sufficient to simply know the start address and size of the 
object. The same yields for a plurality of objects not shown in 
the drawing to increase its clearness. Thus, in the pre-boot 
phase the data can already be read. If they are not verified, the 
system need not boot at all. This saves time for the card user. 

The creation of static objects is described now in more detail 
next below: 
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Basically, static objects are proposed to be created in two 
different advantageous ways: 

The first way is to create the static object during 
initialization or personalization of the smart card. The 
directory information stored on the card for the dynamic access 
routines must be initialized. Said initialization means to 
reserving a specified address inside the dynamic file with a 
specified length, and marking it as static such that the above- 
mentioned dynamic access routines will not move any static 
object. The address inside the dynamic file can then easily be 
accessed and used by primitive devices or applications. 

The second way is to create the static object after issuing the 
card with the dynamic file access routines. 

A so-called CreateStaticObject function can be used to create a 
static object by specifing a particular size only. Said function 
scans the available free storage area and returns an adequate 
start address location, that can be used to access the object by 
primitive devices and applications. 

Or, alternatively, a so-called CreateStaticObjectByAddress 
function can be used to create a static object by specifying 
both, an address and a size. This function tries to create the 
static object on said specific address. If the so defined storage 
area is occupied fully or partly by one or more another dynamic 
object, this or they, respectively, are moved to another location 
inside the dynamic space. 

These routines also manage the directory information used by the 
dynamic file access routines . 

Next, a straight-forward description exemplarily for the above- 
mentioned two functions. 

Creating a static object with a so-called CreateStaticObject: 
1. Check the specified object size if it fits into the file 
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'-system. 

2. Get the directory information of the dynamic file system. 

3. Loop through directory entrys and find a sequence of 
consecutive unused memory bytes inside the file system, 
where the given size will fit. A best fit algorithm may be 
used to find the best matching sequence. 



4. Create an directory entry for the new object and set a flag 
to mark the entry as a ^Static Object' . This directory entry 
contains the address and the size of the new object. 

5. Write the directory entry to the file system inside the 
device (e.g. Smartcard) 

Creating a static object with so-called 
CreateStaticObj ectByAddress : 

1. Check the specified object size if it fits into the file 
system. 

2. Get the directory information of the dynamic file system. 

3. Loop through directory entrys and check if a sequence of 
consecutive unused memory bytes is available at the 
specified address with the specified size inside the file 
system. 

4. If another non static object is occupying some bytes of the 
demanded file system space, the filesystem tries to move the 
object by copying the data to another location and updating 
the related directory entry. 

5. If another static object is occupying the demanded file 
system space or a move of a non static object is not 
possibe, an error will be returned. 

6. Create a directory entry for the new object and set a flag 
to mark the entry as a ^Static Object' , This directory entry 
contains the address and the size of the new object. 

7. Write the directory entry to the file system inside the 
device (e.g. Smartcard) 
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Further, said static objects can be deleted by the above- 
mentioned dynamic file access routines, including updating the 
directory information of the dynamic storage on the card. 

It should be noted that the static objects in the inventional 
combined file management system can be accessed by the dynamic 
access fxinctions in the normal way like other dynamic objects. 
Updates can be made with the limitation, that the size of the 
object cannot be changed. 

In addition said static objects can be accessed by primitive 
devices and applications using simple commands just indicating 
the start address and the offset. For exaimple, a small handheld 
device reads information from the card by power-on of the card, 
selecting the dynamic file, and reading the data with a known 
size at a known address inside this file with a primitive read- 
command . 

The same mechanism can be used for updating the static data 
object by using the known address and the known size. The only 
restriction is that the size of a static object cannot be 
increased. 

In the foregoing specification the invention has been described 
with reference to a specific exemplary embodiment thereof. It 
will, however, be evident that various modifications and changes 
may be made thereto without departing from the broader spirit and 
scope of the invention as set forth in the appended claims. The 
specification and drawings are accordingly to be regarded as 
illustrative rather than in a restrictive sense. 

The present invention can be realized in hardware, software, or a 
combination of hardware and software. The inventional combined 
file system is not restricted to chipcard memory management 
although this is a primary application field. Any kind of 
computer system or other apparatus adapted for carrying out the 
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methods described herein is basically suited. A typical 
combination of hardware and software could be a any computing 
device with a computer progrcim that, when being loaded and 
executed, controls the device such that it carries out the 
methods described herein* 



The present invention can also be embedded in a computer program 
product, which comprises all the features enabling the 
implementation of the methods described herein, and which - when 
loaded in a computer system - is able to carry out these methods* 

Computer program means or computer program in the present context 
mean any expression, in any language, code or notation, of a set 
of instructions intended to cause a system having an information 
processing capability to perform a particular function either 
directly or after either or both of 
the following 

a) conversion to another language, code or notation; 

b) reproduction in a different material form. 
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2. 

i 

i 

I 

3. 

I 
I 

4. 



5. 
6. 

i 



A method for managing a dynamic file system (12), 
characterized by the step of 

embedding one or more static data objects (22) in said 
dynamic file system which are excluded from actions 
performed dynamically on said file system (12) • 

The method according to claim 1 comprising the step of 

defining an embedded static object (22) by a memory 
address and a fixed size. 

The method according to claim 1 comprising the steps of 
creating an embedded static data object (22) by 
specifying a predetermined storage size, 

scanning the memory for an available storage area large 
enough in size for receiving said static data object, and 
allocating said storage area for said static object (22) . 

The method according to claim 1 comprising the steps of 
creating an embedded static data object (22) by 
specifying a predetermined memory address and a 
predetermined storage size, 

allocating the respective storage area if said area is 
not used else, and 

if said area is already in use, moving data using said 
area to a different memory location, and allocating 
said area thereafter. 

The method according to claim 1 used for managing a chipcard 
file system. 

The method according to the preceding claim comprising the 
step of 

accessing a static object (22) in a pre-boot phase of a 
host system connected with said chipcard. 



PFintSl:20^<3lt2001. 



i 



- 11 - 

7. The method according to the preceding claim comprising the 

step of 

storing security-relevant data in a static object (22) . 

8. A chipcard comprising a dynamic file system (12) managed by 

the method according to one of the preceding claims. 

9. A computer operating system program for execution in a data 

processing system comprising computer program code 
portions for performing respective steps of the method 
according to anyone of the claims 1 to 7, when said 
code portions are executed on said data processing 
system. 

10. A computer program product stored on a computer usable 

medium comprising computer readable program means for 
causing a computer to perform the method of anyone of 
the claims 1 to 7, when said program product is 
executed on said computer. 
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The present invention relates to electronic data carrier file 
systems/ and in particular to file system mangement for small 
handheld data carriers, particularly for SmartCards, i.e., 
chipcards having an own processor means. According to the present 
invention, static data objects (22) are managed in a dynamic file 
system. A kind of embedment takes place in which one or more 
static objects (22) are embedded in the dynamic file system 
withina file (1) . The static objects are excluded from management 
actions performed on the dynamic file system. Said static, 
embedded objects (22) are proposed to have a fixed memory address 
inside the dynamic file system and cannot be moved to a different 
location by the dynamic file management functions. Said static 
data objects can be accessed by easy command sequences without 
any complex file management functions, for example by boot 
routines in order to check personal security-relevant data. 
(Fig. 1) 
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